diff options
| author | eivind <eivind@FreeBSD.org> | 1997-02-09 16:11:13 +0000 |
|---|---|---|
| committer | eivind <eivind@FreeBSD.org> | 1997-02-09 16:11:13 +0000 |
| commit | fe1adf2badb64ea9f4e04e7115c03b676d06b621 (patch) | |
| tree | f1be26a51fc91dd7067ae0fd86c8e0920966bd38 /usr.bin | |
| parent | 7701b280a50729646a7ece231764a8d26295a4fa (diff) | |
| download | FreeBSD-src-fe1adf2badb64ea9f4e04e7115c03b676d06b621.zip FreeBSD-src-fe1adf2badb64ea9f4e04e7115c03b676d06b621.tar.gz | |
Removed potential buffer overflow.
Diffstat (limited to 'usr.bin')
| -rw-r--r-- | usr.bin/rdist/defs.h | 3 | ||||
| -rw-r--r-- | usr.bin/rdist/docmd.c | 2 | ||||
| -rw-r--r-- | usr.bin/rdist/expand.c | 13 | ||||
| -rw-r--r-- | usr.bin/rdist/server.c | 6 |
4 files changed, 15 insertions, 9 deletions
diff --git a/usr.bin/rdist/defs.h b/usr.bin/rdist/defs.h index 8e4f381..cc484a2 100644 --- a/usr.bin/rdist/defs.h +++ b/usr.bin/rdist/defs.h @@ -157,6 +157,7 @@ extern struct passwd *pw; /* pointer to static area used by getpwent */ extern struct group *gr; /* pointer to static area used by getgrent */ extern char host[]; /* host name of master copy */ extern char buf[BUFSIZ]; /* general purpose buffer */ +extern char target[BUFSIZ]; /* target/source directory name */ extern char *path_rsh; /* rsh command to use */ int any __P((int, char *)); @@ -168,7 +169,7 @@ void error __P((const char *, ...)); int except __P((char *)); struct namelist * expand __P((struct namelist *, int)); -char *exptilde __P((char [], char *)); +char *exptilde __P((char [], char *, int)); void fatal __P((const char *, ...)); int inlist __P((struct namelist *, char *)); void insert __P((char *, diff --git a/usr.bin/rdist/docmd.c b/usr.bin/rdist/docmd.c index 7081548..a56a163 100644 --- a/usr.bin/rdist/docmd.c +++ b/usr.bin/rdist/docmd.c @@ -479,7 +479,7 @@ cmptime(name) * first time cmptime() is called? */ if (tp == NULL) { - if (exptilde(target, name) == NULL) + if (exptilde(target, name, sizeof(target)) == NULL) return; tp = name = target; while (*tp) diff --git a/usr.bin/rdist/expand.c b/usr.bin/rdist/expand.c index 142e086..497a551 100644 --- a/usr.bin/rdist/expand.c +++ b/usr.bin/rdist/expand.c @@ -618,13 +618,16 @@ addpath(c) * part corresponding to `file'. */ char * -exptilde(buf, file) +exptilde(buf, file, maxlen) char buf[]; register char *file; + int maxlen; { register char *s1, *s2, *s3; extern char homedir[]; + if (strlen(file) >= maxlen) + return(NULL); if (*file != '~') { strcpy(buf, file); return(buf); @@ -655,13 +658,15 @@ exptilde(buf, file) *s3 = '/'; s2 = pw->pw_dir; } - for (s1 = buf; (*s1++ = *s2++); ) + for (s1 = buf; (*s1++ = *s2++) && s1 < buf+maxlen; ) ; s2 = --s1; - if (s3 != NULL) { + if (s3 != NULL && s1 < buf+maxlen) { s2++; - while ((*s1++ = *s3++)) + while ((*s1++ = *s3++) && s1 < buf+maxlen) ; } + if (s1 == buf+maxlen) + return(NULL); return(s2); } diff --git a/usr.bin/rdist/server.c b/usr.bin/rdist/server.c index e3a12fb..37ae9c5 100644 --- a/usr.bin/rdist/server.c +++ b/usr.bin/rdist/server.c @@ -115,7 +115,7 @@ server() case 't': /* init target file/directory name */ catname = 0; dotarget: - if (exptilde(target, cp) == NULL) + if (exptilde(target, cp, sizeof(target)) == NULL) continue; tp = target; while (*tp) @@ -176,7 +176,7 @@ server() continue; } if (*cp == '~') { - if (exptilde(buf, cp) == NULL) + if (exptilde(buf, cp, sizeof(buf)) == NULL) continue; cp = buf; } @@ -248,7 +248,7 @@ install(src, dest, destdir, opts) return; } - rname = exptilde(target, src); + rname = exptilde(target, src, sizeof(target)); if (rname == NULL) return; tp = target; |
